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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
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6) ^ Claim(s) 1-20 is/are rejected. 
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Application Papers 
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Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet{s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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DETAILED ACTION 

1 . The finality of the previous Office Action has been withdrawn. Applicant's arguments within the 
Appeal Brief were considered, but are moot in view of the new grounds of rejection. 

Claim Rejections - 35 USC §112 

2. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

3. Claims 1-20 are rejected under 35 U.S.C. 112, first paragraph, as failing to comply with the 
enablement requirement. The claim(s) contains subject matter which was not described in the 
specification in such a way as to enable one skilled in the art to which it pertains, or with which it is most 
nearly connected, to make and/or use the invention. Applicant is comparing a value of a quantity of traffic 
that has been processed with a value of a quantity of traffic that has not been processed. Applicant has 
failed to explain how a value of a quantity of traffic can be calculated if said traffic has not been 
processed. The ambiguity on where the calculation is perfonned, how the calculation is performed, and 
the definition of processing the traffic by the network element prevents one of ordinary skill in the art from 
enabling the invention based on this abnormality in the logical flow of operation of the invention as 
claimed by Applicant. 

4. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

5. Claims 1,2, 8, 9, 10, 14, 16, 18, and 19 are rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

6. The temns "time period" and "periodic" in claims 1, 2, 8, 9, 10, 16, 18, and 19 are relative temns 
which renders the claims indefinite. These time identifiers are not defined by the claims, the specification 
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does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art 
would not be reasonably apprised of the scope of the invention. 

7. Claim 14 is rejected because it refers to the method of claim 1 . Claim 1 is an apparatus claim, 
and there is insufficient antecedent basis for the method claim in claim 14. The Examiner treats this as 
being dependent upon the method of claim 9 for purposes of compact prosecution. 

Claim Rejections - 35 USC §102 

8. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that forni the basis for 
the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the Invention thereof by the applicant for a patent. 

9. Claims 1-2, 6-7, 9-10, 14-15, and 17 are rejected under 35 U.S.C. 102(a) as being anticipated by 
Vaid et al. (U.S. Patent No. 6,137,777). 

1 0. In regard to claim 1 , Vaid disclosed a digital processor operable on a periodic basis to calculate a 
weighted traffic flow per usage for a given network element, said digital processor further including, a 
comparison mechanism for comparing a value of said weighted traffic flow per usage with a remainder 
value of said specific quantity of communications traffic yet to be processed by said network element, 
wherein an indication is given by said network element if said remainder value is less than said weighted 
traffic flow. Vaid performed incoming and outgoing management of infomnation over a computer network. 
The flows were controlled by time and other values, [column 9, lines 20-29] Time periods for monitoring 
the importance of traffic [value of said weighted traffic flow per usage] were used to detect problems and 
compare bandwidth usage over a particular segment of the network by a particular group of users based 
upon frequency of usage, [column 9, line 57 - column 10, line 41] 

11. In regard to claim 2, Vaid is applied as in claim 1 . Vaid further disclosed said digital processor 
waits until beginning another time period to calculate another value of said weighted traffic flow per usage 
to be compared with an updated remainder value. In column 9, line 57 - column 10, line 41 , Vaid 
disclosed comparing values of traffic based upon frequency of usage over various periods of time. 
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12. In regard to claim 6, Vaid is applied as in claim 1. Vaid further disclosed said apparatus is used 
in connection with a communications traffic monitoring application to identify randomly occurring traffic 
patterns. Vaid detected traffic bursts [column 1 0, lines 1-5] which is a randomly occurring traffic pattern. 

13. In regard to claim 7, Vaid is applied as in claim 1 . Vaid further disclosed said apparatus is used 
in connection with a communications network management application to monitor usage of network 
components. Column 8, line 66 - column 9, line 56 disclosed network management using the control of 
traffic flows and monitoring network perfomiance. 

14. In regard to claim 9, Vaid disclosed calculating on a periodic basis a weighted traffic flow per 
usage for a given network element; [column 9, line 57 - column 10, line 41] comparing a value of said 
weighted traffic flow per usage with a remainder value of said specific quantity of communications traffic 
yet to be processed by said network element; [column 9, line 62-66; column 10, lines 16-23] and giving an 
indication from said network element if said remainder value is less than said weighted traffic flow. 
Network flows were monitored and alarms and reports were produced, [column 9, lines 20-29] 

15. In regard to claim 10, Vaid is applied as in claim 9. Vaid further disclosed waiting until beginning 
another time period to calculate another value of said weighted traffic flow per usage to be compared with 
an updated remainder value. In column 9, line 57 - column 10, line 41, Vaid disclosed comparing values 
of traffic based upon frequency of usage over various periods of time. 

16. In regard to claim 14, Vaid is applied as in claim 9. Vaid further disclosed said method is used in 
connection with a communications traffic monitoring application to identify randomly occurring traffic 
patterns. Vaid detected traffic bursts [column 10, lines 1-5] which is a randomly occurring traffic pattern. 

17. In regard to claim 15, Vaid is applied as in claim 9. Vaid further disclosed said method is used in 
connection with a communications network management application to monitor usage of network 
components. Column 8, line 66 - column 9, line 56 disclosed network management using the control of 
traffic flows and monitoring network perfomiance. 

18. In regard to claim 17, Vaid is applied as in claim 9. Vaid further disclosed at least a portion of 
said communications traffic flows between network elements over the public Internet, [column 6, lines 21- 
38; figure 1] 
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Claim Rejections - 35 USC § 103 

19. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

20. Claims 3-5, 1 1-13, 18, and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Vaid in view of Kent et al. (RFC 2401 : Security Architecture for the Internet Protocol, November 1998). 

21 . In regard to claim 3, Vaid is applied as in claim 1 . Vaid failed to disclose the association of a 
quantity of traffic with a security association between network elements. Vaid did disclose monitoring the 
traffic between network elements. Vaid disclosed in column 2, lines 39-46 that a preferred embodiment of 
the invention involved security management with a firewall. RFC 2401 in section 2.2 disclosed that IPSec 
was a part of an overall system security architecture. IPSec provided "limited traffic flow confidentiality" 
(3.1). A Security Association was a fundamental concept to IPSec. (4, 4.1). A security association 
provided a Security Policy Database which specified certain "minimum management functionality". (4.4.1) 
Since IPSec was a part of an overall security architecture, and provided a database which specified 
"minimum management functionality" {quantity value) and Vaid provided traffic management for a security 
device such as a firewall, it would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the teachings of RFC 2401 with the Vaid invention to allow for increased security by 
the use of IPSec with a traffic management system. 

22. In regard to claim 4, Vaid in view of Kent is applied as in claim 3. Kent further disclosed said 
indication given from said networl< elements prompts renegotiation of another SA. In section 4.4.3, Kent 
disclosed the refreshing of an expired SA based upon a "warning" to initiate action such as setting up a 
replacement SA. (page 22 of RFC; page 20 of printout) 
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23. In regard to claim 5, Vaid in view of Kent is applied as in claim 3. As shown previously in the 
rejection of claim 3, the combination of Vaid in view of Kent utilized a security association based upon the 
IPsec standard. 

24. In regard to claim 1 1 , Vaid is applied as in claim 9. Vaid failed to disclose the association of a 
quantity of traffic with a security association between network elements. Vaid did disclose monitoring the 
traffic between network elements. Vaid disclosed in column 2, lines 39-46 that a preferred embodiment of 
the invention involved security management with a firewall. RFC 2401 in section 2.2 disclosed that IPSec 
was a part of an overall system security architecture. IPSec provided "limited traffic flow confidentiality" 
(3.1). A Security Association was a fundamental concept to IPSec. (4,4.1). A security association 
provided a Security Policy Database which specified certain "minimum management functionality". (4.4.1) 
Since IPSec was a part of an overall security architecture, and provided a database which specified 
"minimum management functionality" {quantity value) and Vaid provided traffic management for a security 
device such as a firewall, it would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the teachings of RFC 2401 with the Vaid invention to allow for increased security by 
the use of IPSec with a traffic management system. 

25. In regard to claim 12, Vaid in view of Kent is applied as in claim 1 1 . Kent further disclosed said 
indication given from said network elements prompts renegotiation ofanotfier SA. In section 4.4.3, Kent 
disclosed the refreshing of an expired SA based upon a "warning" to initiate action such as setting up a 
replacement SA. (page 22 of RFC; page 20 of printout) 

26. In regard to claim 13, Vaid in view of Kent is applied as in claim 11 . As shown previously in the 
rejection of claim 11 , the combination of Vaid in view of Kent utilized a security association based upon 
the IPSec standard. 

27. In regard to claim 18, Vaid disclosed perfomied incoming and outgoing management of 
information over a computer network. The flows were controlled by time and other values, [column 9, 
lines 20-29] Time periods for monitoring the importance of traffic [value of said weighted traffic flow per 
usage] were used to detect problems and compare bandwidth usage over a particular segment of the 
network by a particular group of users based upon frequency of usage, [column 9, line 57 - column 10, 
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line 41] Vaid failed to disclose the association of a quantity of traffic with a security association between 
network elements. Vaid did disclose monitoring the traffic between network elements. Vaid disclosed in 
column 2, lines 39-46 that a preferred embodiment of the invention involved security management with a 
firewall. RFC 2401 in section 2.2 disclosed that IPSec was a part of an overall system security 
architecture. IPSec provided "limited traffic flow confidentiality" (3.1). A Security Association was a 
fundamental concept to IPSec. (4, 4.1). A security association provided a Security Policy Database 
which specified certain "minimum management functionality". (4.4.1) Kent further disclosed said 
indication given from said network elements prompts renegotiation of another SA. In section 4.4.3, Kent 
disclosed the refreshing of an expired SA based upon a "warning" to initiate action such as setting up a 
replacement SA. (page 22 of RFC; page 20 of printout) Since IPSec was a part of an overall security 
architecture, and provided a database which specified "minimum management functionality" {quantity 
value) and Vaid provided traffic management for a security device such as a firewall, it would have been 
obvious to one of ordinary skill in the art at the time of the invention to combine the teachings of RFC 
2401 with the Vaid invention to allow for increased security by the use of IPSec with a traffic management 
system. 

28. In regard to claim 20, Vaid in view of Kent is applied as in claim 18. As shown previously in the 
rejection of claim 18, the combination of Vaid in view of Kent utilized a security association based upon 
the IPSec standard. 

Allowable Subject Matter 

29. Claims 8, 16, and 19 are objected to as being dependent upon a rejected base claim, but would 
be allowable if rewritten in independent fomn including all of the limitations of the base claim and any 
intervening claims. 

30. The following is a statement of reasons for the indication of allowable subject matter: The 
equation listed by applicant involving the multiplication of the average use of a network element per 
period multiplied by the average communications traffic quantity per use is distinguished over the prior 
art. 
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Conclusion 

31 . The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Farrell et al. U.S. Patent No. 6,751 ,663 

Jorgensen U.S. Patent No. 6,452,915 

Bullard et al. U.S. Patent No. 6,405,251 

Kunz, Thomas et al. "Fast Detection of Communication Pattems in Distributed 
Executions." IBM Press. Proceedings of the 1997 conference of the Centre for Advanced 
Studies on Collaborative Research. Toronto, Ontario. 1997. 

Feustel, Edward et al. "The DGSA: Unmet Infomnation Security Challenges for Operating 
System Designers." ACM Press. ACM SIGOPS Operating Systems Review. Vol. 32, Issue 1. 
New York, NY. 1998. pp. 3-22. 

loannidis, Sotiris et al. "Implementing a Distributed Firewall." ACM Press. Proceedings 
of the 7*^ ACM Conference on Computer and Communications Security. Athens, Greece. 2000. 
pp. 190-199. 

Any inquiry concerning this communication or eariier communications from the examiner should 
be directed to Jeffrey R. Swearingen whose telephone number is (571) 272-3921 . The examiner can 
normally be reached on M-F 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Jason Cardone can be reached on 571-272-3933. The fax phone number for the organization where this 
application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status infonmation for published applications may be obtained from 
either Private PAIR or Public PAIR. Status infomnation for unpublished applications is available through 
Private PAIR only. For more infomnation about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-21 7-91 97 (toll-free). ^ 




Jason Cardone 
Supervisory Patent Examiner 
Art Unit 2145 



